rsh is dead, long live nimsh!

The AIX migration tool, nimadm, now supports the nimsh protocol. That’s right; you no longer need to configure rsh on your NIM clients in order to use nimadm to migrate AIX to a newer version. So, rsh is finally dead. Long live nimsh!

I tested this new functionality in my lab environment. The following AIX versions and levels were installed:

The NIM client was installed with AIX 6.1 TL8 SP1. A spare disk was available for the migration. The nimsh subsystem was active.

root@aix61[/] # oslevel -s

6100-08-01-1245

root@aix61[/] # lspv

hdisk0 00c8e424e56b6006 rootvg active

hdisk1 00f6050a2cd79ef8 None

root@aix61[/] # lssrc -s nimsh

Subsystem Group PID Status

nimsh nimclient 3539094 active

The NIM master was installed with AIX 7.1 TL2 SP1. The NIM client definition specified nimsh as the connection protocol. The NIM master was able to communicate with the NIM client using nimsh (and not rsh/shell).

The rsh (shell) subsystem was disabled on the NIM client i.e. there was no .rhosts file in /, the shell/rshd service was commented out in /etc/inetd.conf. This prevented the NIM master from connecting to the NIM client using rsh.

root@aix61[/] # ls -ltr .rhosts

ls: 0653-341 The file .rhosts does not exist.

root@aix61[/] # grep rshd /etc/inetd.conf

#shell stream tcp6 nowait root /usr/sbin/rshd rshd

root@nim1[/] # rsh aix61 date

aix61: A remote host refused an attempted connect operation.

I migrated the NIM client from 6.1 TL8 SP1 to 7.1 TL2 SP1, using nimadm.

Once nimadm finished, I restarted the NIM client on its alternate rootvg disk. The client restarted and came up on AIX 7.1 TL2 SP1 as planned.

root@aix61[/] # lspv

hdisk0 00c8e424e56b6006 rootvg active

hdisk1 00f6050a2cd79ef8 altinst_rootvg active

root@aix61[/] # oslevel -s

6100-08-01-1245

root@aix61[/] # lspv

hdisk0 00c8e424e56b6006 rootvg active

hdisk1 00f6050a2cd79ef8 altinst_rootvg

root@aix61[/] # shutdown -Fr

root@aix61[/] # lspv

hdisk0 00c8e424e56b6006 old_rootvg

hdisk1 00f6050a2cd79ef8 rootvg active

root@aix61[/] # oslevel -s

7100-02-01-1245

Overall, this was not very different from any other nimadm operation. The only things you need to check are that you have the correct AIX levels+ifix installed and the NIM master can communicate with the NIM client over nimsh.

The nimadm log file, on the NIM master, is still in the usual location and can be referenced should things go wrong. On the NIM client, you can view the /var/adm/ras/nimsh.log file for an audit trail of all nimsh communication between the NIM master and client. For example: